"Recently" the Ukraine standardized a new block cipher Kalyna, which according to the abstract of "A New Encryption Standard of Ukraine: The Kalyna Block Cipher" by Oliynykov et al. (warning: the paper ...

Daniel J. Bernstein (and others) have expressed concern over how "verifiably random" curve parameters are generated. He points out that hashing a public seed doesn't prevent, say, the US government ...

Matthew Green states in the Practical Kleptography presentation (video, at about 12:15) that Hash_DRBG (from SP800-90A) as originally proposed by NSA had potentially exploitable flaws or bugs and that ...

Many protocols use HMAC on messages that include a nonce, but they don't seem to do it in a consistent way. For example, in OAuth the nonce is in the middle of a URL-encoded key-value string, like ...

NIST have just launched a new service called the NSANIST Randomness Beacon. It has been met with some initial skepticism. Perhaps the cryptography community would have used it before June 2013 when ...

I need to write some high-level security requirements which include a random number generator suitable for use in cryptography. I don't need something very formal, this isn't a security certification ...

I'm reading the SSL specs, and it seems that the initial handshake has no authenticity protection at all. What is to prevent, say, an attacker from overwriting the "available ciphers" list with one ...

For those who didn't notice yet, in the USA, the National Institute of Standards and Technology (NIST) has been shut down temporarily because of the poor fiscal situation of the USA.
The text at their ...

If neither of the 'big two' of TLS Handshake and IKE are appropriate in a given situation, what alternative Authenticated Key Exchange (AKE) standards exist and are recommended?
Many protocols have ...

I am under the impression that SRP emerges as the least uncommon and best analyzed protocol for authentication and key agreement based on a short password.
This states that SRP is part of IEC 11770-4, ...

I'm developing an application in Java that has to store RSA keys in software for the foreseeable future (that is, at least 10 years).
The two most common standards of storing private keys are PKCS12 and JKS ...